Hello,
I'm having an issues trying to enroll a Mac for a certificate. I've already installed the Enrollment Point and Proxy Point, modified the default client settings to create a Mac profile, and configured the MP, DP to use https with internet clients. I also have created the required templates.
When we run sudo ./CMEnroll -s fqdn.siteserver -ignorecertchainvalidation -u ‘DOMAIN\Username, the Mac reports:
Server connection failed. HTTP Response code is 500 and reason is Internal Server Error
The EnrollmentService.log reports the following:
[7, PID:5328][04/22/2013 08:42:27] :WindowsIdentity is created for domain: domain user: username [7, PID:5328][04/22/2013 08:42:27] :validated user credentials [7, PID:5328][04/22/2013 08:42:27] :Handling RequestSecurityToken [7, PID:5328][04/22/2013 08:42:27] :claim identity name: domain\username [7, PID:5328][04/22/2013 08:42:27] :ConfigManager: RefreshCache: Creating Enrollment Profile 16777219 [7, PID:5328][04/22/2013 08:42:27] :EnrollmentServiceProfile: GetDBCAs retrieved Template information: [7, PID:5328][04/22/2013 08:42:27] :Template: ConfigMgrMacClientCertificate [7, PID:5328][04/22/2013 08:42:27] :CA: System.Collections.Generic.List`1[system.String] [7, PID:5328][04/22/2013 08:42:53] :Failed to find which forest the CA CA.server.domain.com is in. DMP assignment will skip consider forest data [7, PID:5328][04/22/2013 08:42:53] :Impersonating caller: domain\username [7, PID:5328][04/22/2013 08:42:53] :Revert back to self: NT AUTHORITY\NETWORK SERVICE [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: Sending CA Success Status - ENROLLSRVMSG_CA_SUCCESS [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: CA Chains count: 1 [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: Subject name: CN=CA, DC=domain, DC=com [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: Issuer Name: CN=CA, DC=domain, DC=com [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: CA Chains 1 thumprint: <thumbprint> [7, PID:5328][04/22/2013 08:42:53] :ConfigManager: Got root CA hash: <hash> [7, PID:5328][04/22/2013 08:42:53] :Impersonating caller: domain\username [7, PID:5328][04/22/2013 08:42:53] :Revert back to self: NT AUTHORITY\NETWORK SERVICE [7, PID:5328][04/22/2013 08:42:53] :FaultCode is: MessageFormat and reason is: ArgumentException: Value cannot be null. Parameter name: name
Any thoughts?